package com.gzist.security4.controller;

import com.gzist.security4.domain.Permission;
import com.gzist.security4.service.RoleService;
import com.gzist.security4.utils.Result;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;

@RestController
@RequestMapping("/role")
@Api(tags = "角色模块")
public class RoleController {

    @Autowired
    private RoleService roleService;

    /*
     * @description:
     * 根据单个角色id获取其所拥有的所有权限
     * @author: huangzejian
     * @date: 2024/5/14 19:01
     * @param: [id]
     **/
    @ApiOperation("根据id获取所有权限")
    @PreAuthorize("hasAuthority('role:getPermissions')")
    @GetMapping("/getPermissions")
    public Result getPermissionByRoleId(@ApiParam("角色id") @RequestParam Long id) {
        List<Permission> permissions = roleService.getPermissionByRoleId(id);
        return Result.success(permissions);
    }
}
